Trend Micro Apex One: Final fix for bug released
Trend Micro has released a final patch for an already attacked critical vulnerability in Apex One Management Console (On-Premises).
(Image: Gorodenkoff/Shutterstock.com)
Two weeks ago, Trend Micro published a warning about a vulnerability in the on-premises version of the Apex One Management Console that was attacked in the wild. Now the US cyber security authority CISA has also responded and included the vulnerability, which is classified as a "critical risk", in the "Known Exploited Vulnerabilities" (KEV) catalog. Trend Micro also released a final patch at the weekend, which correctly corrects the underlying errors and restores the "Remote Install Agent" function.
In Trend Micro's security announcement, the antivirus specialists explain that the preliminary fix tool had already received an initial update on August 6, as the installation of the original version failed in some non-standard configurations. However, the final patch has now been available since the weekend and can be downloaded from Trend Micro's Apex One download page.
Final patch for Apex One SP1 available
The file apexone-sp1-win-en-criticalpatch-b14081.exe, which should be applied to Apex One Service Pack 1, is now available on the "Product Patch" tab. This increases the build version to 14801.
Videos by heise
The vulnerability allows "pre-authenticated" attackers from the network to upload malicious code and execute commands on vulnerable instances; the vulnerability type is "OS Command Injection", i.e. injection of commands into the operating system. The vulnerability has received two CVE entries, each of which applies to different processor architectures. However, Trend Micro does not go into detail about how the vulnerability can be abused or how attack attempts can be recognized (CVE-2025-54987/EUVD-2025-23620, CVE-2025-54988/EUVD-2025-23621, CVSS 9.4, riskn "critical").
The security vulnerability in the administration interface became known around two weeks ago. According to the developers, Trend Micro Apex One (On-Premise) 2019 up to and including Management Server version 14039 is affected. However, the initially published patch "FixTool_Aug2025" was classified as provisional, as it stalled the remote install function.
(dmk)
